Cybersecurity teams are largely understaffed and underskilled. Security breaches are only going to accelerate and get worse. In general, most businesses are not prepared.

At a strategic level, in the C-Suite, what do we need to focus on right now?

The the article, “Top 5 cybersecurity mistakes IT leaders make, and how to fix them” we find some good ideas to consider.

“Not aligning cybersecurity and business goals – Cybersecurity professionals said the most beneficial action companies can take is adding goals and metrics related to security that IT business managers and security teams can work toward.

“Not building repeatable processes – As mentioned above, one of the top two security challenges named by security professionals is too many manual and informal security processes. These workers suggest that the second most beneficial action organizations can take is to document and formalize all cybersecurity processes.

“Not investing in training – While companies are increasing cybersecurity budgets, they tend to invest more in technology solutions than their employees, according to the report. Investing in more training and education at all levels, from non-technical employees to the IT and security teams to executive management, is key for protecting organizations.

“Not providing the right training – Cybersecurity professionals said they look to specific training courses (76%) and professional development organizations (71%) to build knowledge, skills, and abilities, rather than security certifications. Organizations can look to offer more sophisticated, continuous training, with a focus on specific skills that tend to be lacking, such as application and cloud security.

“Not assuming a perpetual skills shortage in future planning and strategy – Since cybersecurity professionals say the no. 1 security challenge they face is their staff being undersized for their organization, businesses must create aggressive programs for recruiting talent from IT teams and the business side to bridge security gaps, the report recommends.”

Source: Top 5 cybersecurity mistakes IT leaders make, and how to fix them